Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 33989 - freeradius heap exploit before version 0.9.3
Summary: freeradius heap exploit before version 0.9.3
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: GLSA Errors (show other bugs)
Hardware: All Linux
: High critical (vote)
Assignee: Gentoo Security
Depends on:
Reported: 2003-11-20 23:05 UTC by Oliver Graf
Modified: 2003-11-25 11:38 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

New freeradius ebuild for fixed version 0.9.3 (freeradius-0.9.3.ebuild,2.83 KB, text/plain)
2003-11-20 23:07 UTC, Oliver Graf

Note You need to log in before you can comment on or make changes to this bug.
Description Oliver Graf 2003-11-20 23:05:26 UTC
freeradius has a heap exploit in all versions before 0.9.3. It is possible for
an attacker to DOS the radius server.

Solution: upgrade to 0.9.3

Reproducible: Always
Steps to Reproduce:
Send a compromised RADIUS paket to the server. It needs to have a
Tunnel-Password attribute inside.
Actual Results:  
The server crashes.

Expected Results:  
The server should not crash.

See release notes on
Comment 1 Oliver Graf 2003-11-20 23:07:09 UTC
Created attachment 21018 [details]
New freeradius ebuild for fixed version 0.9.3

An version bounced ebuild of the 0.9.0 ebuild I submitted some months ago.

This is version 0.9.3 which has the heap dos exploit fixed.
Comment 2 Oliver Graf 2003-11-21 07:08:21 UTC
The original release mail for version 0.9.3 is here:

Comment 3 Ryan Phillips (RETIRED) gentoo-dev 2003-11-21 09:10:10 UTC
Comment 4 solar (RETIRED) gentoo-dev 2003-11-22 17:39:27 UTC
This is ready for a GLSA now.
Comment 5 Ryan Phillips (RETIRED) gentoo-dev 2003-11-24 09:52:10 UTC
Rajiv: could you release a GLSA for this?
Comment 6 Tim Yamin (RETIRED) gentoo-dev 2003-11-25 11:38:40 UTC
GLSA 200311-04 sent out.